Fuzz introspector: wget_ntlm_fuzzer
For issues and ideas: https://github.com/ossf/fuzz-introspector/issues

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity Unique Reachable Complexities Unique Reachable Functions All non-covered Complexity All Reachable Complexity Function Name Function Callsite Blocked Branch
725 2055 19 :

['gnutls_crypto_single_digest_register', 'read_cpuid_vals', '_gnutls_log', 'padlock_capability', 'check_avx_movbe', 'check_padlock', '_gnutls_priority_update_non_aesni', 'check_ssse3', 'check_phe_sha512', 'check_sha', 'capabilities_to_intel_cpuid', 'gnutls_crypto_single_cipher_register', 'check_optimized_aes', 'check_phe_partial', 'gnutls_crypto_single_mac_register', 'check_phe', 'capabilities_to_zhaoxin_edx', 'check_pclmul', 'check_fast_pclmul']

725 2055 register_x86_padlock_crypto call site: 00000 /src/gnutls/lib/accelerated/x86/x86-common.c:388
472 472 12 :

['fseek', 'pthread_rwlock_wrlock', 'cfg_apply', 'ini_parse_file', 'gnutls_strerror', 'ini_ctx_deinit', 'construct_system_wide_priority_string', 'fclose', '_name_val_array_clear', 'fopen', '_gnutls_buffer_clear', 'update_system_wide_priority_string']

604 604 _gnutls_update_system_priorities call site: 00000 /src/gnutls/lib/priority.c:2314
48 48 1 :

['capabilities_to_intel_cpuid']

440 1304 register_x86_intel_crypto call site: 00000 /src/gnutls/lib/accelerated/x86/x86-common.c:911
18 18 1 :

['_gnutls_asn2err']

40 40 _gnutls_global_init call site: 00000 /src/gnutls/lib/global.c:293
16 16 1 :

['_asn1_delete_list_and_nodes']

16 16 asn1_array2tree call site: 00000 /src/gnutls/lib/minitasn1/structure.c:272
12 12 2 :

['atoi', '_gnutls_log']

22 1558 lib_init call site: 00000 /src/gnutls/lib/global.c:503
10 10 1 :

['_gnutls_log']

10 10 register_x86_intel_crypto call site: 00000 /src/gnutls/lib/accelerated/x86/x86-common.c:1170
10 10 1 :

['_gnutls_log']

10 10 _algo_register call site: 00000 /src/gnutls/lib/crypto-backend.c:67
10 10 1 :

['_gnutls_log']

10 10 _algo_register call site: 00000 /src/gnutls/lib/crypto-backend.c:87
6 6 3 :

['atoi', 'gnutls_global_set_log_function', 'gnutls_global_set_log_level']

166 1990 _gnutls_global_init call site: 00000 /src/gnutls/lib/global.c:249
4 4 2 :

['open', 'close']

44 44 _rnd_system_entropy_init call site: 00000 /src/gnutls/lib/nettle/sysrng-linux.c:166
4 4 2 :

['strlen', 'strchr']

16 16 get_x86_features call site: 00000 /src/nettle/fat-x86_64.c:76

Fuzzer calltree

0 LLVMFuzzerTestOneInput [function] [call site] 00000
1 calloc [call site] 00001
1 ntlm_input [function] [call site] 00002
2 strncmp [call site] 00003
2 c_isspace [function] [call site] 00004
2 debug_logprintf [function] [call site] 00005
3 log_vprintf_internal [function] [call site] 00006
4 get_log_fp [function] [call site] 00007
4 get_warc_log_fp [function] [call site] 00008
4 vfprintf [call site] 00009
4 vsnprintf [call site] 00010
4 xrealloc [function] [call site] 00011
5 realloc [call site] 00012
5 xalloc_die [function] [call site] 00013
6 dgettext [call site] 00014
6 abort [call site] 00015
4 xrealloc [function] [call site] 00016
4 saved_append [function] [call site] 00017
5 strchr [call site] 00018
5 strlen [call site] 00019
5 saved_append_1 [function] [call site] 00020
6 free_log_line [function] [call site] 00021
7 rpl_free [function] [call site] 00022
8 __errno_location [call site] 00023
8 __errno_location [call site] 00024
6 strdupdelim [function] [call site] 00025
7 xmalloc [function] [call site] 00026
8 nonnull [function] [call site] 00027
9 xalloc_die [function] [call site] 00028
7 xstrdup [function] [call site] 00029
8 strlen [call site] 00030
8 xmemdup [function] [call site] 00031
9 xmalloc [function] [call site] 00032
6 strlen [call site] 00033
6 xrealloc [function] [call site] 00034
6 strlen [call site] 00035
6 xmalloc [function] [call site] 00036
4 fputs [call site] 00037
4 fputs [call site] 00038
4 rpl_free [function] [call site] 00039
4 logflush [function] [call site] 00040
5 get_log_fp [function] [call site] 00041
5 get_warc_log_fp [function] [call site] 00042
5 rpl_fflush [function] [call site] 00043
6 __freading [call site] 00044
6 fflush [call site] 00045
6 clear_ungetc_buffer_preserving_position [function] [call site] 00046
7 rpl_fseeko [function] [call site] 00047
8 fileno [call site] 00048
8 fseeko [call site] 00049
6 fflush [call site] 00050
5 rpl_fflush [function] [call site] 00051
2 wget_base64_decode [function] [call site] 00052
3 c_isspace [function] [call site] 00053
3 c_isspace [function] [call site] 00054
3 c_isspace [function] [call site] 00055
3 c_isspace [function] [call site] 00056
3 c_isspace [function] [call site] 00057
2 debug_logprintf [function] [call site] 00058
2 debug_logprintf [function] [call site] 00059
2 debug_logprintf [function] [call site] 00060
2 debug_logprintf [function] [call site] 00061
1 ntlm_output [function] [call site] 00062
2 strlen [call site] 00063
2 strlen [call site] 00064
2 debug_logprintf [function] [call site] 00065
2 snprintf [call site] 00066
2 xmalloc [function] [call site] 00067
2 wget_base64_encode [function] [call site] 00068
2 debug_logprintf [function] [call site] 00069
2 strchr [call site] 00070
2 strchr [call site] 00071
2 strlen [call site] 00072
2 mkhash [function] [call site] 00073
3 strlen [call site] 00074
3 c_toupper [function] [call site] 00075
3 setup_des_key [function] [call site] 00076
4 nettle_des_set_key [function] [call site] 00077
5 des_weak_p [function] [call site] 00078
3 nettle_des_encrypt [function] [call site] 00079
4 __assert_fail [call site] 00080
4 DesSmallFipsEncrypt [function] [call site] 00081
3 setup_des_key [function] [call site] 00082
3 nettle_des_encrypt [function] [call site] 00083
3 calc_resp [function] [call site] 00084
4 setup_des_key [function] [call site] 00085
4 nettle_des_encrypt [function] [call site] 00086
4 setup_des_key [function] [call site] 00087
4 nettle_des_encrypt [function] [call site] 00088
4 setup_des_key [function] [call site] 00089
4 nettle_des_encrypt [function] [call site] 00090
3 strlen [call site] 00091
3 nettle_md4_init [function] [call site] 00092
3 nettle_md4_update [function] [call site] 00093
4 md4_compress [function] [call site] 00094
5 md4_transform [function] [call site] 00095
3 nettle_md4_digest [function] [call site] 00096
4 __assert_fail [call site] 00097
4 __assert_fail [call site] 00098
4 md4_compress [function] [call site] 00099
4 md4_transform [function] [call site] 00100
4 _nettle_write_le32 [function] [call site] 00101
4 nettle_md4_init [function] [call site] 00102
3 calc_resp [function] [call site] 00103
2 snprintf [call site] 00104
2 xmalloc [function] [call site] 00105
2 wget_base64_encode [function] [call site] 00106
1 rpl_free [function] [call site] 00107
1 rpl_free [function] [call site] 00108
1 rpl_free [function] [call site] 00109